Merge remote-tracking branch 'upstream/master'

[nominatim.git] / lib / Geocode.php

diff --git a/lib/Geocode.php b/lib/Geocode.php
index a2baa8eab129a8054fc13f3620c322704055742d..ac92257f7782dc3fb9c9d8a612c8157f603446f4 100644 (file)
--- a/lib/Geocode.php
+++ b/lib/Geocode.php
@@ -1061,7 +1061,7 @@ class Geocode
                     continue;
                 }
 
-                $sToken = chksql($this->oDB->getOne("SELECT make_standard_name('".$aSpecialTerm[1]."') AS string"));
+                $sToken = chksql($this->oDB->getOne("SELECT make_standard_name('".pg_escape_string($aSpecialTerm[1])."') AS string"));
                 $sSQL = 'SELECT * ';
                 $sSQL .= 'FROM ( ';
                 $sSQL .= '   SELECT word_id, word_token, word, class, type, country_code, operator';